Note have edited this because you should be more specific in your case as WSGI script file was in a sub directory. Being more specific makes your Apache more secure. You don't want to be saying to Apache that it can serve files from the directory with your settings file in it as a stuff up in URL mappings in Apache might then make your code downloadable.
–
Graham DumpletonJul 1 '11 at 1:35